Method and device for detecting Trojan in non-executable file
A technology for executing files and detection methods, applied in computer security devices, instruments, electrical and digital data processing, etc., can solve the problems of illegal function call difficulty, inability to fundamentally distinguish between normal program behavior and suspicious program behavior, etc., to ensure reliable sexual effect
- Summary
- Abstract
- Description
- Claims
- Application Information
AI Technical Summary
Problems solved by technology
Method used
Image
Examples
Example Embodiment
[0029] As shown in the accompanying drawings, a method for detecting a non-executable file hanging horse of the present invention includes the following steps:
[0030] The detection program 11 set in the user layer 1 of the operating system determines the non-executable document to be detected, and opens the process information of the non-executable document;
[0031] The monitoring module 21 set in the kernel layer 2 of the operating system monitors the process communication of opening the non-executable document;
[0032] The monitoring module 21 at the kernel layer of the operating system intercepts the file creation operation of the monitoring process, determines whether the file extension of the non-executable file is suspicious, and if so, informs the detection program at the user layer of the operating system 11 to suspend the process, warn the user, and record Suspicious behavior and prohibit execution, if not, continue monitoring;
[0033] The monitoring module 21 at the ker...
PUM
Abstract
Description
Claims
Application Information
- R&D Engineer
- R&D Manager
- IP Professional
- Industry Leading Data Capabilities
- Powerful AI technology
- Patent DNA Extraction
Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.
© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap